Authored by Mr. Kiran Deshpande, co-founder & president, Mojo Networks
Setting up or connecting to an unsecured Wi-Fi connection may seem convenient, but that convenience comes at the cost of security. The risks are that much worse when using the connection for business purposes, considering the sensitivity of business data. Primarily, the risks of unsecured Wi-Fi have to do with data interception and network intrusion. Mr. Kiran Deshpande, co-founder & president, Mojo Networks, which deals in cloud-hosted secure Wi-Fi, shares his insights on how not to come into the trap of hackers as a open Wi-Fi Network can be dangerous for security and data can be stolen as well.
Strengthening Managed Wi-Fi
Use Wi-Fi Protected Access (WPA) or WPA2 with 802.1x authentication in your managed Wi-Fi. If you have to use a Pre-Shared Key (PSK) authentication instead of 802.1x, use a strong passphrase (aka WPA shared key) that is at least eight characters long and is a combination of alphanumeric and special characters.
Change the default admin password on your Wi-Fi AP to a stronger password (at least eight characters and a mix of alphanumeric characters) to prevent unauthorized users from tampering with AP’s settings. Use an SSID that is simple but that does not reveal the identity or sensitive information about your organization. You may also choose to hide this SSID by disabling it from being advertised in the AP’s beacon. Make sure you upgrade your APs to the latest version of the software/firmware released by the vendor.
Promote awareness among end users to follow wireless endpoint security practices such as: using virtual private network (VPN) at Wi-Fi hotspots, not connecting to untrusted Wi-Fi networks, regular cleanup of their “preferred networks list,” disabling the ad-hoc connection mode, turning off their Wi-Fi when not in use/where not allowed to use, and keeping Wi-Fi driver software up-to-date. You can also use client side software agents available in the market to automatically enforce such controls on the user devices with central monitoring and logging capabilities.
Protecting From Unmanaged Wi-Fi
Scan the airspace periodically to audit Wi-Fi devices and activity in and around your premises, and proactively identify potential vulnerabilities in Wi-Fi security posture and gaps in the regulatory compliance.
Wireless Intrusion Prevention System (WIPS) provides comprehensive protection against wireless threats from unmanaged devices such as Rogue APs, mis-associations, Honeypots, ad hoc networks, DoS attacks etc. It can detect, automatically block and locate such threats. WIPS also keeps watch on the managed Wi-Fi infrastructure to ensure that managed APs are always properly configured and to detect cracking exploits. WIPS performs Wi-Fi security audit, and regulatory and corporate compliance monitoring, in fact on a continuous basis.
